More on LinuxToday

Enterprise Linux Magazine: Meet PAM - Authenticating Users on an Open Source System

"Pluggable authentication modules (PAM) were originally
developed by Sun Microsystems and released as an undocumented
feature in Solaris 2.3. Since then, Sun has done little with PAM,
compared to the open source community, and most specifically, the
Linux community. In this article, we will explore the general role
of Linux-PAM, its components, configuration and a few general
examples of its use."

"The principal purpose of PAM is to provide a framework for
authenticating users on a system. To put PAM in perspective,
consider the very commonly implemented programs ftp and
telnet. Historically, each of these utilities incorporated its
own authentication mechanism through its associated daemon: telnetd
and ftpd, respectively. Telnetd would use the authentication
algorithm supplied by the login program while the ftpd incorporated
its own authentication algorithm. These algorithms are quite
similar and in most UNIX implementations, ultimately resolved to
the use of the entries found in /etc/passwd (and, in some cases,
/etc/shadow or similar files). Figure 1 depicts the authentication
procedure in this case."